Cyber Risk Management in Practice: A Guide to Real-World Solutions

by Carlos Morales

Paperback

$59.99 
Available for Pre-Order. This item will be released on June 30, 2025.

Overview

Cyber Risk Management in Practice: A Guide to Real-World Solutions is your companion in the ever-changing landscape of cybersecurity. Whether you’re expanding your knowledge or looking to sharpen your existing skills, this book demystifies the complexities of cyber risk management, offering clear, actionable strategies to enhance your organization’s security posture. With a focus on real-world solutions, this guide balances practical application with foundational knowledge.

Key Features:

  • Foundational insights: Explore fundamental concepts, frameworks, and required skills that form the backbone of a strong and pragmatic cyber risk management program tailored to your organization’s unique needs. It covers everything from basic principles and threat modeling to developing a security-first culture that drives change within your organization. You’ll also learn how to align cybersecurity practices with business objectives to ensure a solid approach to risk management.
  • Practical application: Follow a hands-on, step-by-step implementation guide through the complete cyber risk management cycle, from business context analysis to developing and implementing effective treatment strategies. This book includes templates, checklists, and practical advice to execute your cyber risk management implementation, making complex processes manageable and straightforward. Real-world scenarios illustrate common pitfalls and effective solutions.
  • Advanced strategies: Go beyond the basics to achieve cyber resilience. Explore topics like third-party risk management, integrating cybersecurity with business continuity, and managing the risks of emerging technologies like AI and quantum computing. Learn how to build a proactive defense strategy that evolves with emerging threats and keeps your organization secure.

Product Details

ISBN-13: 9781032901138
Publisher: CRC Press
Publication date: 06/30/2025
Series: Security, Audit and Leadership Series
Pages: 360
Product dimensions: 6.12(w) x 9.19(h) x (d)

About the Author

Carlos Morales, MBA, A. CCISO, CISM, GRCP, GRCA, CRISC, IRMP, CDPSE, IDPP, IPMP, IAAP, ICEP, is a cybersecurity professional with over 18 years of experience in risk management, privacy, and information security across diverse global landscapes. An advocate for cybersecurity as a business enabler, Carlos is recognized for developing pragmatic, risk-based models that align security initiatives with organizational objectives.

His international expertise is marked by his active participation in initiatives that bridge the gap between the private sector, public institutions, and academia. Carlos has worked with organizations of all sizes around the globe, from multinational conglomerates to startups, bringing a broad, practical perspective across industries. This experience allows him to tailor cybersecurity strategies that are effective and scalable, regardless of organizational size or sector.

He served as an advisor on cybersecurity matters to the Executive Office of the President of Mexico for the National Cybersecurity Plan and was a member of the first Cybersecurity Innovation Council led by the Organization of American States (OAS), where he fostered collaboration among participating countries. At the Instituto Tecnológico y de Estudios Superiores de Monterrey (ITESM), Carlos played an active role in shaping the design of the Cybersecurity HUB and the master’s degree in cybersecurity. He continues to share his expertise as a professor in the ITESM Master’s program in cybersecurity, guiding the next generation of professionals.

Carlos is also an active participant in international forums, where he shares practical insights and connects with diverse audiences, bridging technical and non-technical perspectives with clarity and impact.

Table of Contents

INTRODUCTION

SECTION 1: MASTERING RISK MANAGEMENT ESSENTIALS

FUNDAMENTALS OF RISK MANAGEMENT
CYBER RISK MANAGEMENT FRAMEWORKS
OVERVIEW OF THE 5 STEPS OF RISK MANAGEMENT
  • Risk Context
  • Risk Assessment
  • Risk Treatment Planning
  • Risk Treatment Plans implementation
  • Risk Monitoring
RISK REGISTER
GOVERNANCE AND CYBERSECURITY CULTURE
  • Starting with Cyber Risk Management
  • Aligning Corporate Governance and Security Culture

SECTION 2: EXECUTING RISK MANAGEMENT, A STEP-BY-STEP GUIDE

STARTING THE PROCESS: SCOPE AND INFORMATION GATHERING
  • Understanding Your Environment
  • Defining the Scope
  • Gathering Essential Information
RISK ASSESSMENT: FROM IDENTIFICATION TO CHARACTERIZATION
  • The Art of Risk Identification
  • Assessing the Impact and Likelihood of Risks
  • Risk Characterization: Aggregation of Risks Above the Risk Appetite
RISK TREATMENT STRATEGIES
  • Exploring Risk Treatment Options
  • Selecting the Optimal Path Forward
MAKING THINGS HAPPEN: SECURITY INITIATIVES IMPLEMENTATION
  • Effective Risk Communication Strategies
  • Putting Plans into Action: Implementation of Risk Treatment Measures
RISK MONITORING AND METRICS
  • Ongoing Monitoring Practices
  • Utilizing KPIs and KRIs for Insight and Oversight

SECTION 3: BEYOND BASICS, ELEVATING TO CYBER RESILIENCE

BUILDING CYBER RESILIENCE
  • Principles of Cyber Resilience
  • Strategies for Enhancing Organizational Resilience
  • Case Studies on Recovering from Cyber Incidents
THIRD-PARTY RISK MANAGEMENT
  • Understanding Third-Party Risks in the Supply Chain
  • Due Diligence and Assurance Processes for Third Parties
ADVANCING TOWARDS RISK QUANTIFICATION
  • Current Challenges in Cyber Risk Management
  • Transitioning to Risk Quantification: Approaches and Tools

CONCLUSION
SUMMARY OF KEY LEARNINGS
NEXT STEPS FOR EFFECTIVE RISK MANAGEMENT IMPLEMENTATION